lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:   Sun, 22 Jul 2018 11:02:34 +0200
From:   Florian Westphal <fw@...len.de>
To:     Shaochun Chen <cscnull@...il.com>
Cc:     pablo@...filter.org, kadlec@...ckhole.kfki.hu, fw@...len.de,
        davem@...emloft.net, johannes.berg@...el.com, pombredanne@...b.com,
        kstewart@...uxfoundation.org, gregkh@...uxfoundation.org,
        Jason@...c4.com, dsahern@...il.com, lucien.xin@...il.com,
        ktkhai@...tuozzo.com, xiyou.wangcong@...il.com,
        linux-kernel@...r.kernel.org, netfilter-devel@...r.kernel.org,
        netdev@...r.kernel.org, tom@...ntonium.net
Subject: Re: [PATCH] netlink: fix memory leak

Shaochun Chen <cscnull@...il.com> wrote:

[ CC Tom Herbert ]

> and the memory which pointed by control->data will leak. so if netlink_dump
> start fail, call control->done to free the memory.

Tom, I was about to suggest moving extra allocations for dumps
into a ->start() callback whereever possible.

However, it looks like ->done() is not guaranteed to be called even if
->start() was invoked, but it seems at least ila assumes ->done always
cleans up after ->start.

I am looking at netlink_dump(); it calls ->done() only after the dump
callback was invoked.

In nf_tables_api.c case it might be possible to defer allocations until
->dump() is called for first time via cb_args but I don't think its
going to be any better than cleaning up manually after netlink_dump_start()
returned an error.

Any better ideas or advice on how to procceed?

Thanks!

Powered by blists - more mailing lists